- Implementation of pairing computation
supervisor/contact person dr P.Kubiak
The goal is to implement Weil or Tate pairing and to try to utilize
in the implementation the algorithms developed for fast exponentiation.
temporarily reserved by Andrzej Rybczak
- Analyzer for legal requirements for security policies
supervisor/contact person dr P.Kubiak
The goal is to provide tools helping to analyze legal documents concerning
security policies. In particular it is expected that the system will
provide mechanisms for visualization of dependencies between notions
in different legal documents, detect conflicts, etc.
- TPM for PKI systems
supervisor/contact person P. Blaskiewicz
The goal is to provides mechanism for enforcing to generate electronic signatures
on a given physical location. TPM on a desktop machine that is physically
protected from being relocated is such an option.
The solution has to reach the level of security of secure signature creation device
for EU Directive on electronic signatures
- Steganographic seal in paper printouts
supervisor/contact person prof. M.Kutylowski
paper printouts of official documents often contain image of
a seal. The goal is to personalize the image of the seal with steganographic
techniques in order to hide information that might be useful
for document authentication.
temporarily reserved by Michal Kaczmarek
- QR digital seal - cryptographic and legal concepts
supervisor/contact person prof. M.Kutylowski
a concept (both for cryptographic and legal aspects) of an official seal printed as a QR code.
A solution should provide pragmatic ways of visualization and verification with mobile devices.
The concept has to provide very high level of security on the side of seal creation as well as methods
for extracting the digital data to be sealed.
reserved by Mateusz Platek
- smart card authentication for disability users
supervisor/contact person prof. M.Kutylowski
certain users with disabilities (e.g. suffering cerebral palsy) have problems with
entering PIN numbers in an error-free way. Standard 3-trial approach
may be a barrier for them. The goal is to design verification method and to implement
them on smart cards that would provide a similar level of security regardless
of disability problems.
- Distributed Stamp and Extend based on secure hardware components
supervisor/contact person dr P.Kubiak
the underlying protocol is described in the
paper. A distributed version should be designed. A single hardware component
may be a HSM or a smart card or a TPM.
- Proxy on Multos smart cards - feasibility study
supervisor/contact person dr P.Kubiak
Proxy signatures have been designed in the literature but never really investigated as a product for
smart cards. The goal of the dissertation is to provide feasibility studies for smart cards.
This work is going to be made in cooperation with our Chinese partner. One of possible
applications is tagging authenticated personal data revealed to authorities.
- CVCA Interoperability Issues
supervisor/contact person dr P.Kubiak
modify PKI for smart cards in such a way that it survives partial compromise of the root node
and preserves ability to interoperate with similar PKIs of other countries. Contact person/supervisor: Przemyslaw Kubiak
- Practical complexity of AKE protocols on smart cards
supervisor/contact person dr L.Krzywiecki
determine what protocols are feasible on Javacard, what are feasible on Multos.
- Remote voting for small groups
supervisor/contact person dr F. Zagorski, M.Kutylowski
design a remote voting scheme for voting in groups of a few or of several people.
Small groups give opportunity to use tailored algorithmic tools to build a secure voting protocol
that would be infeasible in general scenarios.
\\
interested: Jan Szajda
- Electronic signature and authentication on unreliable smart cards
supervisor/contact person dr L.Krzywiecki
final product is an implementation of a protocol
which provides signatures and at the same time deters the authority, which has issued the card, from cloning the key and using
it outside the user's device
- Secure terminal based on TPM creating invoices:
supervisor/contact person P.Blaskiewicz
The addressee of the transactions is
going to be the tax office. Apart from the implementation also a specification of a format of output data is expected
(a base for some kind of a standard).
- Long term security signatures.
supervisor/contact person dr P. Kubiak
Implementation of the protocol from the paper on smart cards.
- Time stamping systems with embedded devices:
supervisor/contact person P.Blaskiewicz, M.Kutylowski, maybe an external supervisor
The problem is to design a lightweight and undeniable Time Stamping Infrastructure where the end devices are
performing activities and time-stamping themselves their data. The outcome must be in undeniable in technical sense.
There are practical applications in mind. TPM might be very useful for end devices...
- Browser protection:
supervisor/contact person P.Blaskiewicz, M.Kutylowski, maybe an external supervisor
The goal is to write a piece of software that supervises traffic with the browsers and removes
dangerous contents just like some software do with banners, advertisements and other contents of this kind
- Non-standard applications of TPM :
supervisor/contact person M.Kutylowski
The goal is to check possibilities of implementing basic cryptographic protocols through
workaround utilization of TPM keys. In particular, restricted identification should be
considered.
- Identity management for visitors in amusement parks - active RFID solution :
supervisor/contact person M.Kutylowski
The goal is to develop a solution for amusement parks guiding visitors.
It should simplify the design proposed by SMU Singpore (presented at ISPEC 2013), should be based on
active RFID and must fulfill the personal data protection principles.